jonny/jonnybarnes.uk
1
0
Fork 0
Code Issues 5 Pull requests Projects Releases 5 Packages Wiki Activity Actions

Store scope data correctly

Browse source 
I was using the key `scopes` instead of `scope`
This commit is contained in:
Jonny Barnes 2024-06-30 11:13:27 +01:00
parent 06c5d811be
commit 3cf11b0d72
Signed by: jonny
SSH key fingerprint: SHA256:CTuSlns5U7qlD9jqHvtnVmfYV3Zwl2Z7WnJ4/dqOaL8
2 changed files with 20 additions and 31 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
app/Http/Controllers/IndieAuthController.php
View file

@ -104,7 +104,7 @@ class IndieAuthController extends Controller
'client_id' => $request->get('client_id'),
'redirect_uri' => $request->get('redirect_uri'),
'auth_code' => $authCode,
'scopes' => $request->get('scopes', ''),
'scope' => $request->get('scope', ''),
];
Cache::put($cacheKey, $indieAuthRequestData, now()->addMinutes(10));
@ -116,11 +116,6 @@ class IndieAuthController extends Controller
'iss' => config('app.url'),
]);
// For now just dump URL scheme
// return response()->json([
// 'redirect_uri' => $redirectUri,
// ]);
return redirect()->away($redirectUri);
}
@ -160,7 +155,7 @@ class IndieAuthController extends Controller
return $indieAuthData;
}
if ($indieAuthData['scopes'] === '') {
if ($indieAuthData['scope'] === '') {
return response()->json(['errors' => [
'scope' => [
'The scope property must be non-empty for an access token to be issued.',
@ -171,7 +166,7 @@ class IndieAuthController extends Controller
$tokenData = [
'me' => config('app.url'),
'client_id' => $request->get('client_id'),
'scope' => $indieAuthData['scopes'],
'scope' => $indieAuthData['scope'],
];
$tokenService = resolve(TokenService::class);
$token = $tokenService->getNewToken($tokenData);
@ -179,7 +174,7 @@ class IndieAuthController extends Controller
return response()->json([
'access_token' => $token,
'token_type' => 'Bearer',
'scope' => $indieAuthData['scopes'],
'scope' => $indieAuthData['scope'],
'me' => config('app.url'),
]);
}
@ -189,16 +184,12 @@ class IndieAuthController extends Controller
// If client_id is not a valid URL, then it's not valid
$clientIdParsed = \Mf2\parseUriToComponents($clientId);
if (! isset($clientIdParsed['authority'])) {
ray($clientIdParsed);
return false;
}
// If redirect_uri is not a valid URL, then it's not valid
$redirectUriParsed = \Mf2\parseUriToComponents($redirectUri);
if (! isset($redirectUriParsed['authority'])) {
ray($redirectUriParsed);
return false;
}
@ -212,9 +203,7 @@ class IndieAuthController extends Controller
try {
$clientInfo = $guzzle->get($clientId);
} catch (Exception $e) {
ray('Failed to fetch client info', $e->getMessage());
} catch (Exception) {
return false;
}

30
tests/Feature/IndieAuthTest.php
View file

@ -45,7 +45,7 @@ class IndieAuthTest extends TestCase
'client_id' => 'https://app.example.com',
'redirect_uri' => 'https://app.example.com/callback',
'state' => '123456',
'scopes' => 'create update delete',
'scope' => 'create update delete',
'code_challenge' => '123456',
'code_challenge_method' => 'S256',
]);
@ -68,7 +68,7 @@ class IndieAuthTest extends TestCase
'client_id' => 'https://app.example.com',
'redirect_uri' => 'https://app.example.com/callback',
'state' => '123456',
'scopes' => 'create update delete',
'scope' => 'create update delete',
'code_challenge' => '123456',
'code_challenge_method' => 'S256',
]);
@ -89,7 +89,7 @@ class IndieAuthTest extends TestCase
'client_id' => 'https://app.example.com',
'redirect_uri' => 'https://app.example.com/callback',
'state' => '123456',
'scopes' => 'create update delete',
'scope' => 'create update delete',
'code_challenge' => '123456',
'code_challenge_method' => 'S256',
]);
@ -110,7 +110,7 @@ class IndieAuthTest extends TestCase
'client_id' => 'https://app.example.com',
'redirect_uri' => 'https://app.example.com/callback',
'state' => '123456',
'scopes' => 'create update delete',
'scope' => 'create update delete',
'code_challenge' => '123456',
'code_challenge_method' => 'S256',
]);
@ -131,7 +131,7 @@ class IndieAuthTest extends TestCase
'me' => 'https://example.com',
'redirect_uri' => 'https://app.example.com/callback',
'state' => '123456',
'scopes' => 'create update delete',
'scope' => 'create update delete',
'code_challenge' => '123456',
'code_challenge_method' => 'S256',
]);
@ -152,7 +152,7 @@ class IndieAuthTest extends TestCase
'me' => 'https://example.com',
'client_id' => 'https://app.example.com',
'state' => '123456',
'scopes' => 'create update delete',
'scope' => 'create update delete',
'code_challenge' => '123456',
'code_challenge_method' => 'S256',
]);
@ -173,7 +173,7 @@ class IndieAuthTest extends TestCase
'me' => 'https://example.com',
'client_id' => 'https://app.example.com',
'redirect_uri' => 'https://app.example.com/callback',
'scopes' => 'create update delete',
'scope' => 'create update delete',
'code_challenge' => '123456',
'code_challenge_method' => 'S256',
]);
@ -195,7 +195,7 @@ class IndieAuthTest extends TestCase
'client_id' => 'https://app.example.com',
'redirect_uri' => 'https://app.example.com/callback',
'state' => '123456',
'scopes' => 'create update delete',
'scope' => 'create update delete',
'code_challenge_method' => 'S256',
]);
@ -216,7 +216,7 @@ class IndieAuthTest extends TestCase
'client_id' => 'https://app.example.com',
'redirect_uri' => 'https://app.example.com/callback',
'state' => '123456',
'scopes' => 'create update delete',
'scope' => 'create update delete',
'code_challenge' => '123456',
]);
@ -237,7 +237,7 @@ class IndieAuthTest extends TestCase
'client_id' => 'https://app.example.com',
'redirect_uri' => 'https://app.example.com/callback',
'state' => '123456',
'scopes' => 'create update delete',
'scope' => 'create update delete',
'code_challenge' => '123456',
'code_challenge_method' => 'invalid_value',
]);
@ -283,7 +283,7 @@ class IndieAuthTest extends TestCase
'client_id' => 'https://app.example.com',
'redirect_uri' => 'example-app://callback',
'state' => '123456',
'scopes' => 'create update delete',
'scope' => 'create update delete',
'code_challenge' => '123456',
'code_challenge_method' => 'S256',
]);
@ -327,7 +327,7 @@ class IndieAuthTest extends TestCase
'client_id' => 'https://app.example.com',
'redirect_uri' => 'example-app://callback',
'state' => '123456',
'scopes' => 'create update delete',
'scope' => 'create update delete',
'code_challenge' => '123456',
'code_challenge_method' => 'S256',
]);
@ -611,7 +611,7 @@ class IndieAuthTest extends TestCase
hash('sha256', 'abc123def', true),
SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING
),
'scopes' => '',
'scope' => '',
'client_id' => 'https://app.example.com',
'redirect_uri' => 'example-app://callback',
]);
@ -646,7 +646,7 @@ class IndieAuthTest extends TestCase
hash('sha256', 'abc123def', true),
SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING
),
'scopes' => 'create update',
'scope' => 'create update',
'client_id' => 'https://app.example.invalid',
'redirect_uri' => 'example-app://callback',
]);
@ -681,7 +681,7 @@ class IndieAuthTest extends TestCase
hash('sha256', 'abc123def', true),
SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING
),
'scopes' => 'create update',
'scope' => 'create update',
'client_id' => 'https://app.example.com',
'redirect_uri' => 'example-app://callback',
]);